Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
File: 5PKoZiAvS4y8MzgtboLYHYlkyA4.mft (raw, json)
Hash identifier: Y8GabdfX7hUTelvhUJksGlVooMLNph0ATWd2IIGDs4Q=
Subject key identifier: 8A:93:F3:7A:5E:F7:74:1A:66:46:8A:07:7B:75:C5:09:A6:34:33:00
Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Certificate serial: 019D9C2CD951B581ED159ACF9B62671C0C1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 16:01:17 +0000
Manifest this update: Fri 17 Apr 2026 16:01:17 +0000
Manifest next update: Sat 18 Apr 2026 16:01:17 +0000
Files and hashes: 1: 0_tFJYeiflxsIJ9bhjlTeIiAEJc.roa (hash: USV70Tn6bwMKjWSZ09NQefEfFL6vsHQ3fPX3IL9JI1s=)
2: 1-yw1t0kY85xsjAVQhYzgow7rABo.roa (hash: ORfh3FtzuWNiPQFo+ySnKPD1ydxiVO9XWGWLQxyIANw=)
3: 5PKoZiAvS4y8MzgtboLYHYlkyA4.crl (hash: HBno86UbMvL190fmEd4sDpzyp38i5jecowUNAyIQ/FM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:2c:d9:51:b5:81:ed:15:9a:cf:9b:62:67:1c:0c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Validity
Not Before: Apr 17 16:01:17 2026 GMT
Not After : Apr 18 16:01:17 2026 GMT
Subject: CN=8a93f37a5ef7741a66468a077b75c509a6343300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:58:97:ed:1d:a4:87:19:99:e1:44:1f:58:67:
59:7c:66:6d:27:ae:45:ef:71:73:8d:14:8d:5d:95:
c8:46:fb:8e:58:db:ed:30:d8:1b:30:27:19:c3:58:
1f:b5:24:d7:34:06:d5:09:85:b2:5b:75:60:c2:71:
41:04:7b:17:9f:45:c7:76:59:4b:43:64:aa:fb:40:
68:19:33:17:e0:07:ee:97:b6:34:62:14:0f:37:7a:
e8:36:19:f6:cb:16:85:7a:ad:e1:9a:8c:27:aa:0f:
80:43:3e:54:7b:8b:5b:89:e6:20:32:fb:4e:24:24:
15:5b:40:1a:0e:40:d7:d2:7a:73:10:95:8a:58:8f:
ab:18:98:2b:00:d1:11:31:cb:bc:7b:bf:f2:cc:43:
a6:d0:48:92:47:b8:f1:10:20:e7:1f:c0:97:a7:b3:
17:8b:5b:41:f0:1b:9b:f0:27:36:83:61:2d:fc:0f:
e5:1a:cb:a0:10:a1:74:72:c5:53:7f:82:47:5e:e4:
29:c8:1d:19:f1:f8:b7:81:55:c2:de:22:6c:f2:7e:
92:56:12:ad:1e:59:19:e8:bb:38:a2:8d:40:97:b5:
de:8a:40:ca:a3:9f:66:9c:4b:9d:33:fd:80:7c:63:
04:82:c3:85:57:6b:c7:09:20:05:3f:8c:7a:77:f9:
9c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:93:F3:7A:5E:F7:74:1A:66:46:8A:07:7B:75:C5:09:A6:34:33:00
X509v3 Authority Key Identifier:
keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:bb:94:19:65:b3:7a:87:5b:fa:32:0c:24:f3:f5:56:b6:f2:
8b:46:f0:c3:d2:ae:cb:21:99:8c:fb:c7:c1:76:ad:59:76:d4:
6d:ea:49:1a:f6:74:81:90:e9:0c:b5:05:9d:73:bb:f2:44:35:
a1:ad:d9:df:e1:2e:9c:71:2c:b1:32:93:3f:b0:b1:72:12:5c:
e0:00:b3:2f:f0:6a:4c:aa:96:90:c6:68:44:f0:10:2a:a0:7b:
3f:08:ee:06:e0:44:b4:79:d2:96:e4:6a:ca:f7:3f:3e:60:0d:
06:3b:2a:c0:57:bc:31:a5:f6:34:45:ed:41:9b:92:0b:54:64:
48:04:5e:eb:84:25:da:06:b5:a0:a8:3d:63:85:2f:d2:e7:6a:
5e:ed:84:ab:27:0b:d6:e9:1a:98:e5:4f:90:77:46:32:7a:4a:
d5:92:97:40:41:85:60:01:1e:6c:92:13:23:be:02:a2:04:fa:
ea:56:bf:a2:64:fc:e2:39:20:66:3d:5a:2c:ab:0c:81:70:78:
12:ee:fe:50:16:f1:91:e1:9f:f7:4c:fd:e2:be:91:a7:ba:8e:
de:f5:e3:e0:33:a1:de:b1:9f:24:48:58:89:22:8c:06:aa:f1:
cf:f6:f3:10:00:30:d2:fd:47:ef:c4:bf:bf:5a:80:9f:6e:65:
1a:3f:07:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLNlRtYHtFZrPm2JnHAwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2
NGM4MGUwHhcNMjYwNDE3MTYwMTE3WhcNMjYwNDE4MTYwMTE3WjAzMTEwLwYDVQQD
Eyg4YTkzZjM3YTVlZjc3NDFhNjY0NjhhMDc3Yjc1YzUwOWE2MzQzMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApViX7R2khxmZ4UQfWGdZfGZtJ65F
73FzjRSNXZXIRvuOWNvtMNgbMCcZw1gftSTXNAbVCYWyW3VgwnFBBHsXn0XHdllL
Q2Sq+0BoGTMX4Aful7Y0YhQPN3roNhn2yxaFeq3hmownqg+AQz5Ue4tbieYgMvtO
JCQVW0AaDkDX0npzEJWKWI+rGJgrANERMcu8e7/yzEOm0EiSR7jxECDnH8CXp7MX
i1tB8Bub8Cc2g2Et/A/lGsugEKF0csVTf4JHXuQpyB0Z8fi3gVXC3iJs8n6SVhKt
HlkZ6Ls4oo1Al7XeikDKo59mnEudM/2AfGMEgsOFV2vHCSAFP4x6d/mc/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqT83pe93QaZkaKB3t1xQmmNDMAMB8GA1UdIwQY
MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt
MWE1MTNkZjA2OWZjLzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj
LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLuUGWWz
eodb+jIMJPP1Vrbyi0bww9KuyyGZjPvHwXatWXbUbepJGvZ0gZDpDLUFnXO78kQ1
oa3Z3+EunHEssTKTP7CxchJc4ACzL/BqTKqWkMZoRPAQKqB7PwjuBuBEtHnSluRq
yvc/PmANBjsqwFe8MaX2NEXtQZuSC1RkSARe64Ql2ga1oKg9Y4Uv0udqXu2EqycL
1ukamOVPkHdGMnpK1ZKXQEGFYAEebJITI74CogT66la/omT84jkgZj1aLKsMgXB4
Eu7+UBbxkeGf90z94r6Rp7qO3vXj4DOh3rGfJEhYiSKMBqrxz/bzEAAw0v1H78S/
v1qAn25lGj8HYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:01:31 2026 by rpki-client